Detailed Action

1. This action is responsive to communication filed on: 10 March 2008 with recognition of
an original application filed 12 September 2002, with acknowledgement of continuing data from
a 317 of PCT/US00/27352 filed 4 October 2000, with a provisional application filed
5 October 1999.

2. Claims 16-30 and 70-75 are pending in this application. Claims 16-30 are elected.
Claim 16 and is an independent claim. Claims 70-75 are withdrawn. 

Response to Arguments 

3. Applicant's arguments filed 10 March 2008 have been fully considered however they are 
not persuasive. 

I) In response to applicant's arguments beginning on page 6, "In KSR Int'l Co. v Teleflex
Inc., 127 S. Ct. 1727, 1739 (2007), the Court stated that "a patent composed of several elements
is not proved obvious merely by demonstrating that each of its elements was, independently,
known in the prior art. Although common sense directs one to look with care at a patent
application that claims as innovation the combination of two known devices according to their
established functions, it can be important to identify a reason that would have prompted a person
of ordinary skill in the relevant field to combine the elements in the way the claimed new
invention does".

The Examiner disagrees with the argument. Both Inoue and RFC 1827 are directed to
mobile communications. As stated by the KSR ruling it is reasonable to combine prior art in the 
same field of endeavor. In addition as indicated below Inoue teaches there is a need to guard 
against the leakage of secret information. 

II) In response to applicant's argument beginning on page 7, "However, Applicants
respectfully submit that the Inoue, alone or in combination, does not teach the feature of "the
home domain receiving and processing the registration request to generate a registration reply
comprising one or more encryption keys for encrypting messages communicated between the
mobile node, home domain, and the foreign domain." The Examiner indicated that such a
feature is allegedly disclosed at Col. 19, lines 25-32 of Inoue. Applicants respectfully disagree. 

The Examiner disagrees with argument as indicated in the Inoue reference in response to 
a registration message keys are provided. The fact the reference indicates that a refusal message 
is first generated which prompts key exchange does not take away from the teaching of
providing keys with the registration reply this is done in Inoue. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all
obviousness rejections set forth in this Office action:

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art 
to which said subject matter pertains. Patentability shall not be negatived by the manner in 
which the invention was made. 

5. Claims 16-30 are rejected under 35 U.S.C. 103(a) as being unpatentable over Inoue U.S. 
Patent No. 6,167,513 (hereinafter '513) in further view of RFC 1827 IP Encapsulating Security 
Payload (ESP) (hereinafter RFC 1827). 

As to independent claim 16, "A method of providing secure communication between a
mobile node and a home domain using a foreign domain, comprising:" is taught in '513 
col. 4, lines 50-67 "According to one aspect of the present invention there is provided a mobile 
computer for carrying out communications while moving within a communication system in
which a plurality of networks are inter-connected, said plurality of networks including one 
network at which a packet processing device is provided, said packet processing device having 
a function for applying an encryption and authentication processing to a packet transmitted by a 
computer inside said one network toward another computer outside said one network . . . and a 
communication unit for carrying out a prescribed communication processing including an 
encryption and authentication processing of a packet to be transmitted from said mobile 
computer, according to recognition results obtained by the first recognition unit and the second 
recognition unit", note encrypting communication between a mobile node through a plurality of 
networks is interpreted to be equivalent to secure communications between a mobile node, 
home domain, and a foreign domain; 

"transmitting a registration request from the mobile node to the home domain" is 
shown in '513 col. 16, lines 24-35 "In the mobile IP scheme, when the mobile computer moves 
to a new visiting site, it is necessary for this mobile computer to send a registration message 
containing an information on a current location to the home agent which manages this mobile 
computer"; 

"the home domain receiving and processing the registration request to generate a 
registration reply" is disclosed in '513 col. 18, lines 44-62 "As this point, the gateway 4b 
transfers this registration message as a packet in the encryption/link authentication format of 
FIG. 4D destined to the next hop gateway 4a. Then, this registration message arrives at the 
home agent 5a via the Internet 6 and the gateway 4a. Also, at the network 1b, for example, a
setting is made in the management table of the gateway 4b so that a packet transferred from the
Internet 6 side which is destined to this mobile computer 2 will be transferred to the home agent
5a. By means of this setting, a packet destined to the mobile computer 2 that is transferred from
the Internet 6 to the home network 1a of the mobile computer 2 will be given to the home agent
5a once, and further transferred to a visiting site of the mobile computer 2 from there.
At this point, the home agent 5a carries out the processing for encapsulating an IP packet
destined to the original address (address in the home network 1a) of the mobile computer 2
within a packet in the mobile IP format destined to a current location address of the mobile 
computer 2, as described above"; 

"comprising one or more encryption keys for encrypting messages communicated 
between and among the mobile node home, home domain, and foreign domain" is taught in 
'513 col. 19, lines 25-32 "When the above described registration processing is completed (that 
is, a case in which the permission response is received by the exchange of the key 
information"; 

"and transmitting the registration reply from the home domain to the foreign 
domain and the mobile node" is shown in '513 col. 18, line 65 through col. 19, line 25 "Now, 
when the registration message is received, the home agent 5a transmits the registration response
message in the IP format having the home agent 5a as a source and the mobile computer 2 as a 
destination, with respect to the mobile computer 2"; 

the following is not explicitly taught in '513: "the request comprising an identity of a user of 
the mobile node in encrypted form and network routing information in non-encrypted 
form" however RFC 1827 teaches "ESP consists of an unencrypted header followed by 
encrypted data. The encrypted data includes both the protected ESP header fields and the
protected user data" in Section 3 on page 4, note encrypting user data is interpreted equivalent to 
user identity in encrypted form. In addition the unencrypted header is interpreted to be 
equivalent to the network routing information in non-encrypted form. 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to modify the teachings of '513 a mobile communication scheme using encryption and 
authentication to include a means that utilizes RFC 1825-1829 schemes to protect data 
exchanged. One in the art would have been motivated to perform such a modification because 
as indicated by '513 there is a need to guard against the leakage of secret information (see '513 
col. 1, line 51 through col. 12) "For example, there is a problem as to how to prevent the 
leakage of the secret information of the organization to the external network, and there is also a 
problem as to how to protect resources and information connected to the domestic network. 
The Internet was developed originally for the academic purpose so that the primary concern was 
the free data and service exchanges by the network connections and the above described 
problem of security has not been accounted for. However, in recent years, many corporations 
and organizations are connecting to the Internet so that there is a need for a mechanism to guard 
the own network in view of the above described problem of security. To this end, there is a 
known scheme for use at a time of exchanging a data packet on the Internet, in which the 
content of the data packet is to be encrypted and an authentication code is to be attached before 
the transmission of the data packet to the external, and the authentication code is to be 



Application/Control Number: 10/089,752 Page 7 

Art Unit: 2134 

verified and the data packet is to be decrypted at a received site. For example, the IETF (which 
is the standardizing organization for the Internet) specifies the encryption and authentication 
code attaching scheme for IP packets as the IP security standard (see, IETF RFC 1825-1829). 
According to this scheme, even when an outside user picks up the data packet on the external 
network, the leakage of data content can be prevented because the data content is encrypted, and 
therefore the secure communication can be realized". 

As to dependent claim 17, "wherein transmitting a registration request from the 
mobile node to the home domain comprises: transmitting the registration request from the 
mobile node to the foreign domain, and transmitting the registration request from the 
foreign domain to the home domain" is taught in '513 col. 18, lines 23-48. 

As to dependent 18, "wherein transmitting the registration request from the foreign 
domain to the home domain comprises establishing a secure communications pathway 
between the foreign domain and the home domain" is shown in '513 col. 18, lines 25-48, note 
the encryption link authentication is interpreted to be equivalent to the secure communication 
pathway. 

As to dependent 19, "wherein transmitting the registration request from the foreign 
domain to the home domain comprises establishing a secure communications pathway 
between the foreign domain and the mobile node" is disclosed in '513 col. 18, lines 44-62. 

As to dependent 20, "wherein transmitting the registration request from the foreign 
domain to the home domain comprises establishing a secure communications pathway 
between the home domain and the mobile node" is taught in '513 col. 18, lines 44-62. 

As to dependent 21, "wherein processing the registration request from the mobile
node within the home domain comprises decrypting the encrypted form of the identity of
the user" however RFC 1827 teaches that the sending userid and destination address are used to
locate the correct Security Association for encryption on pages 6 and 7 in the ESP in
Tunnel-mode and ESP in Transport mode, obviously the home domain performs decryption and
determines the sending userid when the registration request message is decrypted. 

As to dependent 22, "wherein generating a registration reply comprises encrypting 
at least one of the encryption keys" is taught in '513 col. 18, line 65 through col. 19, line 24 
and '513 col. 12, lines 20-40, note the registration reply is sent in encryption/end-to-end 
authentication format and includes a key encrypted by a master key. 

As to dependent 23, "wherein generating a registration reply comprises encrypting 
the encryption keys for encrypting messages to be communicated between the mobile node 
and the home domain, and between the mobile node and the foreign domain" is taught in
'513 col. 18, line 65 through col. 19, line 24 and '513 col. 12, lines 20-40. 

As to dependent 24, "further comprising: decrypting one or more of the encrypted
encryption keys" is taught in '513 col. 18, line 65 through col. 19, line 24 and '513 col. 12, 
lines 20-40. 

As to dependent 25, "wherein generating the registration reply comprises: 
generating a first encryption key for encrypting messages to be communicated between the 
mobile node and the home domain, generating a second encryption key for encrypting 
messages to be communicated between the foreign domain and the home domain, and 
generating a third encryption key for encrypting messages to be communicated between 
the foreign domain and the mobile node" is disclosed in '513 col. 18, line 65 through col. 19,
line 24 and '513 col. 12, lines 20-40 

As to dependent 26, "wherein generating the registration reply comprises 
encrypting at least one of the first and third encryption keys" is taught in '513 col. 12,
lines 21-64 and col. 18, line 66 through col. 19, line 24, note the encryption/end-to-end 
authentication format is utilized in the registration reply, this format contains the encryption keys 
to be used between gateways. 

As to dependent 27, "further comprising: decrypting at least one of the encrypted 
first and third encryption keys" is taught in '513 col. 12, lines 21-64 and col. 18, line 66
through col. 19, line 24, note the encryption/end-to-end authentication format is utilized in the 
registration reply, this format contains the encryption keys to be used between gateways. 

As to dependent 28, "wherein the registration reply includes encryption keys that 
are encrypted and encryption keys that are not encrypted" is taught in '513 col. 12, 
lines 21-64 and col. 18, line 66 through col. 19, line 24, note the encryption/end-to-end 
authentication format is utilized in the registration reply, this format contains the encryption keys 
to be used between gateways. 

As to dependent 29, "further including: extracting one or more of the encryption 
keys that are not encrypted from the registration reply" is taught in '513 col. 12, 
lines 21-64 and col. 18, line 66 through col. 19, line 24, note the encryption/end-to-end 
authentication format is utilized in the registration reply, this format contains the encryption keys 
to be used between gateways. 

As to dependent 30, "further including: extracting and decrypting one or more of
the encryption keys that are encrypted from the registration reply" is taught in '513 col. 12, 
lines 21-64 and col. 18, line 66 through col. 19, line 24, note the encryption/end-to-end 
authentication format is utilized in the registration reply, this format contains the encryption keys 
to be used between gateways. 

Conclusion 

THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the 
extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event,
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

6. It is noted, PATENTS ARE RELEVANT AS PRIOR ART FOR ALL THEY CONTAIN 
"The use of patents as references is not limited to what the patentees describe as their own 
inventions or to the problems with which they are concerned. They are part of the literature of 
the art, relevant for all they contain." In re Heck, 699 F.2d 1331, 1332-33, 216 USPQ 1038, 1039 
(Fed. Cir. 1983) (quoting In re Lemelson, 397 F.2d 1006, 1009, 158 USPQ 275, 277 (CCPA
1968)). A reference may be relied upon for all that it would have reasonably suggested to one
having ordinary skill the art, including nonpreferred embodiments (see MPEP 2123). 

7. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Ellen C Tran whose telephone number is 
(571) 272-3842. The examiner can normally be reached from 7:30 am to 4:00 pm. If attempts 
to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Kambiz Zand 
can be reached on (571) 272-3811. The fax phone number for the organization where this
application or proceeding is assigned is (571) 273-8300.

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



/ELLEN TRAN/ 



Primary Examiner, Art Unit 2134 
9 June 2008 



